I don't know all the capabilities of XSL and would like to know if there
is a security risk in allowing users to upload any XSL files to be used
in a 'skins' type of application?
My one concern would be using the document('') methods to load and
display other files from the system?
If this is not a good idea, can we sandbox an xsl transformer somehow?
Any thoughts are most welcome.
Andrew
I have never let my schooling interfere with my education
--Mark Twain
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
